14 research outputs found

    Interactive Authentication

    Authentication is the first, crucial step in securing digital assets like cryptocurrencies and online services like banking and social networks. It relies on principals maintaining exclusive access to credentials like cryptographic signing keys, passwords, and physical devices. But both individuals and organizations struggle to manage their credentials, resulting in loss of assets and identity theft. Multi-factor authentication improves security, but its analysis and design are mostly limited to one-shot mechanisms, which decide immediately. In this work, we study mechanisms with back-and-forth interaction with the principals. For example, a user receives an email notification about sending money from her bank account and is given a period of time to abort the operation. We formally define the authentication problem, where an authentication mechanism interacts with a user and an attacker and tries to identify the user. A mechanism's success depends on the scenario: whether the user / attacker know the different credentials; each credential can be safe, lost, leaked, or stolen. The profile of a mechanism is the set of all scenarios in which it succeeds. Thus, we have a partial order on mechanisms, defined by the subset relation on their profiles. We find an upper bound on the profile size and discover three types of $n$-credential mechanisms (for any $n$) that are maximally secure, meeting this bound. We show these are all the unique maximal mechanisms for $n \le 3$. We show the efficacy of our model by analyzing existing mechanisms, both theoretical and deployed in widely-used systems, and make concrete improvement proposals. We demonstrate the practicality of our mechanisms by implementing a maximally-secure cryptocurrency wallet

    SkinnerDB: Regret-Bounded Query Evaluation via Reinforcement Learning

    SkinnerDB is designed from the ground up for reliable join ordering. It maintains no data statistics and uses no cost or cardinality models. Instead, it uses reinforcement learning to learn optimal join orders on the fly, during the execution of the current query. To that purpose, we divide the execution of a query into many small time slices. Different join orders are tried in different time slices. We merge result tuples generated according to different join orders until a complete result is obtained. By measuring execution progress per time slice, we identify promising join orders as execution proceeds. Along with SkinnerDB, we introduce a new quality criterion for query execution strategies. We compare expected execution cost against execution cost for an optimal join order. SkinnerDB features multiple execution strategies that are optimized for that criterion. Some of them can be executed on top of existing database systems. For maximal performance, we introduce a customized execution engine, facilitating fast join order switching via specialized multi-way join algorithms and tuple representations. We experimentally compare SkinnerDB's performance against various baselines, including MonetDB, Postgres, and adaptive processing methods. We consider various benchmarks, including the join order benchmark and TPC-H variants with user-defined functions. Overall, the overheads of reliable join ordering are negligible compared to the performance impact of the occasional, catastrophic join order choice

    ZKAttest: Ring and Group Signatures for Existing ECDSA Keys

    Cryptographic keys are increasingly stored in dedicated hardware or behind software interfaces. Doing so limits access, such as permitting only signing via ECDSA. This makes using them in existing ring and group signature schemes impossible as these schemes assume the ability to access the private key for other operations. We present a $\Sigma$-protocol that uses a committed public key to verify an ECDSA or Schnorr signature on a message, without revealing the public key. We then discuss how this protocol may be used to derive ring signatures in combination with Groth–Kohlweiss membership proofs and other applications. This scheme has been implemented and source code is freely available

    DECO: Liberating Web Data Using Decentralized Oracles for TLS

    Thanks to the widespread deployment of TLS, users can access private data over channels with end-to-end confidentiality and integrity. What they cannot do, however, is prove to third parties the provenance of such data, i.e., that it genuinely came from a particular website. Existing approaches either introduce undesirable trust assumptions or require server-side modifications. As a result, the value of users' private data is locked up in its point of origin. Users cannot export their data with preserved integrity to other applications without help and permission from the current data holder. We propose DECO (short for decentralized oracle) to address the above problems. DECO allows users to prove that a piece of data accessed via TLS came from a particular website and optionally prove statements about such data in zero-knowledge, keeping the data itself secret. DECO is the first such system that works without trusted hardware or server-side modifications. DECO can liberate data from centralized web-service silos, making it accessible to a rich spectrum of applications. To demonstrate the power of DECO, we implement three applications that are hard to achieve without it: a private financial instrument using smart contracts, converting legacy credentials to anonymous credentials, and verifiable claims against price discrimination. Comment: This is the extended version of the CCS'20 paper

    CHURP: Dynamic-Committee Proactive Secret Sharing

    We introduce CHURP (CHUrn-Robust Proactive secret sharing). CHURP enables secure secret-sharing in dynamic settings, where the committee of nodes storing a secret changes over time. Designed for blockchains, CHURP has lower communication complexity than previous schemes: $O(n)$ on-chain and $O(n^2)$ off-chain in the optimistic case of no node failures. CHURP includes several technical innovations: An efficient new proactivization scheme of independent interest, a technique (using asymmetric bivariate polynomials) for efficiently changing secret-sharing thresholds, and a hedge against setup failures in an efficient polynomial commitment scheme. We also introduce a general new technique for inexpensive off-chain communication across the peer-to-peer networks of permissionless blockchains. We formally prove the security of CHURP, report on an implementation, and present performance measurements

    CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability

    We present CanDID, a platform for practical, user-friendly realization of decentralized identity, the idea of empowering end users with management of their own credentials. While decentralized identity promises to give users greater control over their private data, it burdens users with management of private keys, creating a significant risk of key loss. Existing and proposed approaches also presume the spontaneous availability of a credential-issuance ecosystem, creating a bootstrapping problem. They also omit essential functionality, like resistance to Sybil attacks and the ability to detect misbehaving or sanctioned users while preserving user privacy. CanDID addresses these challenges by issuing credentials in a user-friendly way that draws securely and privately on data from existing, unmodified web service providers. Such legacy compatibility similarly enables CanDID users to leverage their existing online accounts for recovery of lost keys. Using a decentralized committee of nodes, CanDID provides strong confidentiality for user's keys, real-world identities, and data, yet prevents users from spawning multiple identities and allows identification (and blacklisting) of sanctioned users. We present the CanDID architecture and its technical innovations and report on experiments demonstrating its practical performance

    Respiratory support in patients with severe COVID-19 in the International Severe Acute Respiratory and Emerging Infection (ISARIC) COVID-19 study: a prospective, multinational, observational study

    Background: Up to 30% of hospitalised patients with COVID-19 require advanced respiratory support, including high-flow nasal cannulas (HFNC), non-invasive mechanical ventilation (NIV), or invasive mechanical ventilation (IMV). We aimed to describe the clinical characteristics, outcomes and risk factors for failing non-invasive respiratory support in patients treated with severe COVID-19 during the first two years of the pandemic in high-income countries (HICs) and low middle-income countries (LMICs). Methods: This is a multinational, multicentre, prospective cohort study embedded in the ISARIC-WHO COVID-19 Clinical Characterisation Protocol. Patients with laboratory-confirmed SARS-CoV-2 infection who required hospital admission were recruited prospectively. Patients treated with HFNC, NIV, or IMV within the first 24 h of hospital admission were included in this study. Descriptive statistics, random forest, and logistic regression analyses were used to describe clinical characteristics and compare clinical outcomes among patients treated with the different types of advanced respiratory support. Results: A total of 66,565 patients were included in this study. Overall, 82.6% of patients were treated in HIC, and 40.6% were admitted to the hospital during the first pandemic wave. During the first 24 h after hospital admission, patients in HICs were more frequently treated with HFNC (48.0%), followed by NIV (38.6%) and IMV (13.4%). In contrast, patients admitted in lower- and middle-income countries (LMICs) were less frequently treated with HFNC (16.1%) and the majority received IMV (59.1%). The failure rate of non-invasive respiratory support (i.e. HFNC or NIV) was 15.5%, of which 71.2% were from HIC and 28.8% from LMIC. 
The variables most strongly associated with non-invasive ventilation failure, defined as progression to IMV, were high leukocyte counts at hospital admission (OR [95%CI]; 5.86 [4.83-7.10]), treatment in an LMIC (OR [95%CI]; 2.04 [1.97-2.11]), and tachypnoea at hospital admission (OR [95%CI]; 1.16 [1.14-1.18]). Patients who failed HFNC/NIV had a higher 28-day fatality ratio (OR [95%CI]; 1.27 [1.25-1.30]). Conclusions: In the present international cohort, the most frequently used advanced respiratory support was the HFNC. However, IMV was used more often in LMIC. Higher leucocyte count, tachypnoea, and treatment in LMIC were risk factors for HFNC/NIV failure. HFNC/NIV failure was related to worse clinical outcomes, such as 28-day mortality. Trial registration This is a prospective observational study; therefore, no health care interventions were applied to participants, and trial registration is not applicable

    Characteristics and outcomes of an international cohort of 600 000 hospitalized patients with COVID-19

    Background: We describe demographic features, treatments and clinical outcomes in the International Severe Acute Respiratory and emerging Infection Consortium (ISARIC) COVID-19 cohort, one of the world's largest international, standardized data sets concerning hospitalized patients. Methods: The data set analysed includes COVID-19 patients hospitalized between January 2020 and January 2022 in 52 countries. We investigated how symptoms on admission, co-morbidities, risk factors and treatments varied by age, sex and other characteristics. We used Cox regression models to investigate associations between demographics, symptoms, co-morbidities and other factors with risk of death, admission to an intensive care unit (ICU) and invasive mechanical ventilation (IMV). Results: Data were available for 689 572 patients with laboratory-confirmed (91.1%) or clinically diagnosed (8.9%) SARS-CoV-2 infection from 52 countries. Age [adjusted hazard ratio per 10 years 1.49 (95% CI 1.48, 1.49)] and male sex [1.23 (1.21, 1.24)] were associated with a higher risk of death. Rates of admission to an ICU and use of IMV increased with age up to age 60 years then dropped. Symptoms, co-morbidities and treatments varied by age and had varied associations with clinical outcomes. The case-fatality ratio varied by country partly due to differences in the clinical characteristics of recruited patients and was on average 21.5%. Conclusions: Age was the strongest determinant of risk of death, with a ∼30-fold difference between the oldest and youngest groups; each of the co-morbidities included was associated with up to an almost 2-fold increase in risk. Smoking and obesity were also associated with a higher risk of death. The size of our international database and the standardized data collection method make this study a comprehensive international description of COVID-19 clinical features. 
Our findings may inform strategies that involve prioritization of patients hospitalized with COVID-19 who have a higher risk of death

    The value of open-source clinical science in pandemic response: lessons from ISARIC

    International audience